Ellissa

Just to be clear - (Cause finding java was a little different for me, and some of the instructions weren't spot on for me.) I found java in my control panel, and in the general tab I see a section for Temporary INternet Files, and underneath is, "Settings" and "View" I hit, settings.. where I found a "Delete files" button, clicked, and it gave me these three options, "Trace and Log Files" "Cached Applications and Applets" and "Installed Applications and Applets" I'm assuming this is all still what you want me to do? I didn't wanna delete anything unless I double checked. I would have if every step seemed spot on, but it wasn't.

Fine, thanks. It was never really running weird, I just thought it to be weird that in the last four days when I was running MBAM I had like twenty threats and they kept coming over and over, even scanning ten minutes after the one before it. It was strange cause I scan routinely and that's never happened. But I just ran a scan and it seems to be all clear. Tyvm. I'll let you know if anything changes within the next few days, lol.

(Now here is the combofix log) ComboFix 12-11-20.02 - Becka 11/20/2012 18:42:41.7.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4431 [GMT -8:00] Running from: c:\users\Becka\Desktop\ComboFix.exe Command switches used :: c:\users\Becka\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\progra~2\SEARCH~1\Datamngr\DATAMN~1.EXE c:\program files (x86)\Search Results Toolbar c:\program files (x86)\Search Results Toolbar\Datamngr\datamngr.dll c:\program files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe c:\program files (x86)\Search Results Toolbar\Datamngr\DnsBHO.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF13.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF14.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF15.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF16.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.xul c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RequestPreserver.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Settings.xml c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\install.rdf c:\program files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll c:\program files (x86)\Search Results Toolbar\Datamngr\installhelper.dll c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\as_guid.dat c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\custom.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\about.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\custom.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanel.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpaneltransparent.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxpanelwin.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxprefwin.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxtransparentwin.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\dtxwin.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\emailnotifierproviders.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\external.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\neterror.xhtml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsspreview.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\rsswin.xsl c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\lib\wmpstreamer.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\datastore.jsm c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\modules\nsDragAndDrop.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\neterror.xhtml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\preferences.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\template.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.htm c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\toolbar.xul c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmncode.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\vmnrsswin.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_icon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconFF.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressed.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_iconPressedFF.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\tb_pref_icon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs\tb_thumb_icon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsw c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.jsww c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\com.djboxservice.dj.DJBox\widget.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-buffering.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-connecting.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-ico.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-playing.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta-stopped.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\radiobeta.ico c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\tb_icon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.jsw c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\content\widgets\net.vmn.www.RadioBeta\widget.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\engines.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\search\search.xsl c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\data\weather\icons.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\lib\en.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\locale.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\de.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\en.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\es.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\fr.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\locale\toolbar\it.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\blip.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluelite.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\bluesky.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-search.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-settings.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn-widgets.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\btn_settings.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\custom.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\dailymotion.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\divider.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\ebay.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\facebook.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\find-videos.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\grey.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\icon_games.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\images.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\add.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\alexabutton.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\aol.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-dn.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right-disabled.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-right.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\arrow-up.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-divider.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-end.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-mdl_ff.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btn-start.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-divider.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-end.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\bg-btnover-start.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\blank.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn-widgets.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btn_slider.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnback-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnleft-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\btnright-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\button-splitter.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\checkmark.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\chevron.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\collapse.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\debugbar\debug.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx-test.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\dtx.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back-hot.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\edit-back.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\expand.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\found.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\gmail.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_blue.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_cyan.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_lime.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_magenta.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\highlight_yellow.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\hotmail.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\imap.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\launchers.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\loadingMid.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\lock.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\logo-separator.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\mailcom.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_bg-basic.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_bar.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menu_separator_white.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitem-splitter.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemback-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemleft.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-down-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\menuitemright-vista.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\minus.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\modify.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\move.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\movetarget.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\panels.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupAbout.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupGames.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\css\popupWidgets.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\css\dialog.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\bg.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-search.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\default.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-l.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-off-r.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-l.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\tab-on-r.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\transparent.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-mdl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\ttlbar-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-btm-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\images\win-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\main.html.bak c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\default\scripts\defscript.js.bak c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\footer.htm c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gamecategory.xsl c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameData.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gameList.xsl c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\gametype.xsl c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-dn.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-sml.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrow-up.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-aboutbox.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-btnover.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-back.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-grey.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-close-greyover.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-drag.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-mdl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-moredetails.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-next.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-play-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-previous.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-right-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\btn-try-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\bullet-orange.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb-on.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\gamethumb2-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-calendar.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-dollar.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-download.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-joystick24.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-news24.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-play.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ico-tags.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Add.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-download.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-Info.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-play.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\icon-shop.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\menul-bgover.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg-206.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-bg.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scroll-topwin.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-disable.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-down.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollb.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-disable.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-down.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\scrollt.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_grey.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\star_x_orange.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\throbber.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\TRUSTe_about.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-on.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-detailed-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-on.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\view-thumb-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-16px.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets-square-24px.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\widgets.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\initHTML.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupGames.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupHTML.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\popupWidgets.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\scroll.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\plus.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\pop.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\radio.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\reload.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\remove.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rename.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\resize-box.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rss.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsschannelback.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\RSSLogo.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\rsstabdivider.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\scroll-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search-go.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\search.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\separator.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\text-ellipsis.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\throbber.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\toolbarsplitter.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\transparent_1px.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_02.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_03.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_04.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_06.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_07.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_08.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_09.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_10.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_11.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_12.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_13.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_14.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_15.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_16.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_18.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_19.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_20.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\border_21.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-grey.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-hot.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\close-normal.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\loadingMid.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\paneltemplate.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\proxy.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.html.bak c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\template.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\templateFF.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\uwa\throbber.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\cond999.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\icons.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-s.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na-t.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\na.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\icons\weather.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\yahoo.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lichen.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-about.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo-separator.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\logo.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\menuseparatorback.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\metacafe.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify-save.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modify.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\modifyhot.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\namespacetoolbar.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options-search.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-main.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-search.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-weather.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\options\options-widgets.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\orange.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search-over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\search_icon.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-left.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-middle.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\searchbar\searchbar-background-right.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\setting_stb_16x.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\settings_stb_19x_over.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluelite.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-bluesky.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-grey.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-lichen.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-orange.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin-yellow.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\skin.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\sv.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\throbber.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\toolbarsplitter.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\TRUSTe_about.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\tv.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\twitter.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\veoh.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\video.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vimeo.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\vmn.css c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\web.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\websearch.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\yellow.gif c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\youtube.png c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\components\windowmediator.js c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\install.ico c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\manifest.xml c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultstb.dll c:\program files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\uninstall.exe c:\program files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll c:\program files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll c:\program files (x86)\Search Results Toolbar\Datamngr\x64\datamngrUI.exe c:\program files (x86)\Search Results Toolbar\Datamngr\x64\DnsBHO.dll c:\program files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll c:\program files (x86)\Search Results Toolbar\sysid.ini c:\program files (x86)\Search Results Toolbar\uninstall.exe . . ((((((((((((((((((((((((( Files Created from 2012-10-21 to 2012-11-21 ))))))))))))))))))))))))))))))) . . 2012-11-21 02:48 . 2012-11-21 02:48 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-11-21 02:48 . 2012-11-21 02:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-20 18:44 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98BB7703-D886-40D3-8C7D-CE02BA15B6A2}\mpengine.dll 2012-11-17 21:08 . 2012-09-25 07:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-15 23:17 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-15 23:17 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-15 23:17 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-15 23:17 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-15 23:11 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-11-15 23:10 . 2012-10-08 12:29 754848 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2012-11-15 23:09 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-15 23:09 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-15 23:09 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-15 23:09 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-15 23:09 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-15 23:09 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-15 23:09 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-15 23:07 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll 2012-11-15 23:07 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2012-11-15 23:07 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-11-15 23:07 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys 2012-11-15 23:07 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-11-15 23:07 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll 2012-11-15 23:07 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-11-15 23:07 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-11-15 23:07 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-11-15 16:56 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-15 16:56 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-11-15 16:56 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-11-15 16:56 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-15 23:51 . 2012-06-21 19:14 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-15 23:51 . 2011-05-17 05:50 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-15 23:09 . 2010-02-25 19:27 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-30 23:51 . 2011-08-23 23:05 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-10-30 23:51 . 2012-05-08 18:21 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-10-30 23:51 . 2012-05-08 18:21 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-10-30 23:51 . 2011-08-23 23:06 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 23:51 . 2011-08-23 23:05 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 23:51 . 2011-08-23 23:05 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-30 23:51 . 2012-05-08 18:21 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-10-30 23:51 . 2011-08-23 23:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 23:51 . 2011-08-23 23:05 41224 ----a-w- c:\windows\avastSS.scr 2012-10-30 23:50 . 2011-08-23 23:05 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-10-30 23:50 . 2011-01-01 19:59 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-10-15 16:59 . 2012-02-25 19:09 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-09-30 02:54 . 2010-06-18 17:03 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-14 19:19 . 2012-10-10 13:06 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 13:06 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-07 17:44 . 2012-07-13 04:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-07 17:44 . 2011-06-15 17:10 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-31 18:19 . 2012-10-10 13:06 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-30 18:03 . 2012-10-10 13:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-10 13:06 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12 . 2012-10-10 13:06 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05 . 2012-10-10 13:06 220160 ----a-w- c:\windows\system32\wintrust.dll 2012-08-24 16:57 . 2012-10-10 13:06 172544 ----a-w- c:\windows\SysWow64\wintrust.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-25 802304] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2009-10-10 40320] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-09-06 12368] S0 aswNdis2;avast! Firewall Core Firewall Service; [x] S1 aswFW;avast! TDI Firewall driver; [x] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912] S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928] S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2x.sys [2008-09-30 553472] . . Contents of the 'Scheduled Tasks' folder . 2012-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 23:51] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 07:50] . 2012-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 07:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/ FF - ExtSQL: 2012-11-14 22:46; {f34c9277-6577-4dff-b2d7-7d58092f272f}; c:\users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: !HIDDEN! 2012-11-14 22:46; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) BHO-{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - c:\progra~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL AddRemove-ilividtoolbarguid - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-11-20 18:50:24 ComboFix-quarantined-files.txt 2012-11-21 02:50 ComboFix2.txt 2012-11-20 23:19 ComboFix3.txt 2012-01-06 22:36 ComboFix4.txt 2012-01-06 21:57 . Pre-Run: 613,826,457,600 bytes free Post-Run: 613,771,374,592 bytes free . - - End Of File - - BA1725BAED6007BF98FADBCE4A92B85E

(Here's adwcleaner notepad) # AdwCleaner v2.008 - Logfile created 11/20/2012 at 18:32:46 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Becka - BECKA-PC # Boot Mode : Normal # Running from : C:\Users\Becka\Desktop\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml File Deleted : C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\searchplugins\Search_Results.xml Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\Partner Folder Deleted : C:\Users\Becka\AppData\Local\Ilivid ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll Data Deleted : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406 --> hxxp://www.google.com -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\prefs.js Deleted : user_pref("extensions.m86sb.ta.categories", "{\r\n \"version\": \"3.611\",\r\n \"Images\": {\r\n\[...] Deleted : user_pref("extensions.m86sb.ta.sites", "{\r\n \"version\": \"3.611\",\r\n \"sites\": {\r\n [...] -\\ Google Chrome v [unable to get version] File : C:\Users\Becka\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v [unable to get version] File : C:\Users\Becka\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [6419 octets] - [20/11/2012 14:43:57] AdwCleaner[s1].txt - [6017 octets] - [20/11/2012 18:32:46] ########## EOF - C:\AdwCleaner[s1].txt - [6077 octets] ##########

I don't know if this is any concern, but during the scan it popped up a few times saying something along the lines of, "The procedure getfilesversioninfosizeW could not be located in the dll version.dll.) But I sitll got this log at the end. ComboFix 12-11-20.02 - Becka 11/20/2012 15:11:49.6.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.3935 [GMT -8:00] Running from: c:\users\Becka\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Becka\AppData\Local\{77CC2D20-8CFE-4B82-A3B4-BF4E2C17EED2} c:\users\Becka\AppData\Local\assembly\tmp . . ((((((((((((((((((((((((( Files Created from 2012-10-20 to 2012-11-20 ))))))))))))))))))))))))))))))) . . 2012-11-20 23:17 . 2012-11-20 23:17 -------- d-----w- c:\users\Public\AppData\Local\temp 2012-11-20 23:17 . 2012-11-20 23:17 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-20 19:37 . 2012-11-20 19:37 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98BB7703-D886-40D3-8C7D-CE02BA15B6A2}\offreg.dll 2012-11-20 18:44 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98BB7703-D886-40D3-8C7D-CE02BA15B6A2}\mpengine.dll 2012-11-17 21:08 . 2012-09-25 07:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-15 23:17 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui 2012-11-15 23:17 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-11-15 23:17 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-11-15 23:17 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-11-15 23:11 . 2012-10-08 11:13 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-11-15 23:10 . 2012-10-08 12:29 754848 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2012-11-15 23:09 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-11-15 23:09 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-11-15 23:09 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-11-15 23:09 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-11-15 23:09 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2012-11-15 23:09 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-15 23:09 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-11-15 23:07 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll 2012-11-15 23:07 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2012-11-15 23:07 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-11-15 23:07 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys 2012-11-15 23:07 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-11-15 23:07 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll 2012-11-15 23:07 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-11-15 23:07 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-11-15 23:07 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-11-15 16:56 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-11-15 16:56 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-11-15 16:56 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-11-15 16:56 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll 2012-11-15 15:32 . 2012-11-15 15:32 -------- d-----w- c:\programdata\boost_interprocess 2012-11-15 06:46 . 2012-11-15 06:46 -------- d-----w- c:\program files (x86)\Search Results Toolbar 2012-11-15 06:45 . 2012-11-15 06:45 -------- d-----w- c:\users\Becka\AppData\Local\iLivid . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-11-15 23:51 . 2012-06-21 19:14 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-11-15 23:51 . 2011-05-17 05:50 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-15 23:09 . 2010-02-25 19:27 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-30 23:51 . 2011-08-23 23:05 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-10-30 23:51 . 2012-05-08 18:21 262656 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-10-30 23:51 . 2012-05-08 18:21 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-10-30 23:51 . 2011-08-23 23:06 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-10-30 23:51 . 2011-08-23 23:05 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 23:51 . 2011-08-23 23:05 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-10-30 23:51 . 2012-05-08 18:21 132864 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-10-30 23:51 . 2011-08-23 23:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-10-30 23:51 . 2011-08-23 23:05 41224 ----a-w- c:\windows\avastSS.scr 2012-10-30 23:50 . 2011-08-23 23:05 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-10-30 23:50 . 2011-01-01 19:59 285328 ----a-w- c:\windows\system32\aswBoot.exe 2012-10-15 16:59 . 2012-02-25 19:09 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-09-30 02:54 . 2010-06-18 17:03 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-14 19:19 . 2012-10-10 13:06 2048 ----a-w- c:\windows\system32\tzres.dll 2012-09-14 18:28 . 2012-10-10 13:06 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2012-09-07 17:44 . 2012-07-13 04:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-09-07 17:44 . 2011-06-15 17:10 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-08-31 18:19 . 2012-10-10 13:06 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-08-30 18:03 . 2012-10-10 13:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:12 . 2012-10-10 13:06 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12 . 2012-10-10 13:06 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05 . 2012-10-10 13:06 220160 ----a-w- c:\windows\system32\wintrust.dll 2012-08-24 16:57 . 2012-10-10 13:06 172544 ----a-w- c:\windows\SysWow64\wintrust.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-09-25 802304] "Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\IEBHO.dll . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2009-10-10 40320] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUVC64;Logitech Webcam C160(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736] S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2011-09-06 12368] S0 aswNdis2;avast! Firewall Core Firewall Service; [x] S1 aswFW;avast! TDI Firewall driver; [x] S1 aswKbd;aswKbd; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912] S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [2009-08-28 1150496] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [2009-07-04 240160] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928] S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\DRIVERS\WN111v2x.sys [2008-09-30 553472] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - ASWMBR *Deregistered* - aswMBR . Contents of the 'Scheduled Tasks' folder . 2012-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 23:51] . 2012-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 07:50] . 2012-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-23 07:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\progra~2\SEARCH~1\Datamngr\x64\datamngr.dll c:\progra~2\SEARCH~1\Datamngr\x64\IEBHO.dll . ------- Supplementary Scan ------- . uStart Page = hxxp://www.searchnu.com/406 uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/ FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=418&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0408440598504450&o=APN10645&q= FF - ExtSQL: 2012-11-14 22:46; {f34c9277-6577-4dff-b2d7-7d58092f272f}; c:\users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: !HIDDEN! 2012-11-14 22:46; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-10 - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-11-20 15:19:02 ComboFix-quarantined-files.txt 2012-11-20 23:19 ComboFix2.txt 2012-01-06 22:36 ComboFix3.txt 2012-01-06 21:57 . Pre-Run: 612,270,157,824 bytes free Post-Run: 613,776,220,160 bytes free . - - End Of File - - 683781CBFEC9A801BCD5ABEB5158B872

(Here's Adwcleaner Log) # AdwCleaner v2.008 - Logfile created 11/20/2012 at 14:43:57 # Updated 17/11/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Becka - BECKA-PC # Boot Mode : Normal # Running from : C:\Users\Becka\Desktop\AdwCleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml File Found : C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\searchplugins\Search_Results.xml Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\ProgramData\Partner Folder Found : C:\Users\Becka\AppData\Local\Ilivid Folder Found : C:\Users\Becka\AppData\Local\Temp\boost_interprocess ***** [Registry] ***** Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll Key Found : HKCU\Software\APN DTX Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKLM\Software\DataMngr Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Key Found : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Key Found : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Key Found : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Found : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Key Found : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Key Found : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Key Found : HKLM\SOFTWARE\DataMngr Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Found : HKU\S-1-5-21-142491608-2200593318-2864285238-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : HKU\S-1-5-21-142491608-2200593318-2864285238-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr] ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchnu.com/406 -\\ Mozilla Firefox v16.0.2 (en-US) Profile name : default File : C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\prefs.js Found : user_pref("extensions.m86sb.ta.categories", "{\r\n \"version\": \"3.611\",\r\n \"Images\": {\r\n\[...] Found : user_pref("extensions.m86sb.ta.sites", "{\r\n \"version\": \"3.611\",\r\n \"sites\": {\r\n [...] Found : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=418&systemid=406&apn[...] -\\ Google Chrome v [unable to get version] File : C:\Users\Becka\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v [unable to get version] File : C:\Users\Becka\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [6370 octets] - [20/11/2012 14:43:57] ########## EOF - C:\AdwCleaner[R1].txt - [6430 octets] ##########

(Here is ASWMBR's Log) aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2012-11-20 14:23:17 ----------------------------- 14:23:17.847 OS Version: Windows x64 6.1.7601 Service Pack 1 14:23:17.847 Number of processors: 2 586 0x602 14:23:17.847 ComputerName: BECKA-PC UserName: Becka 14:23:22.090 Initialize success 14:23:22.184 AVAST engine defs: 12112000 14:23:29.375 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000060 14:23:29.375 Disk 0 Vendor: ST375052 CC44 Size: 715404MB BusType: 3 14:23:29.391 Disk 0 MBR read successfully 14:23:29.391 Disk 0 MBR scan 14:23:29.391 Disk 0 unknown MBR code 14:23:29.407 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12288 MB offset 2048 14:23:29.422 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 25167872 14:23:29.422 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 703014 MB offset 25372672 14:23:29.453 Disk 0 scanning C:\Windows\system32\drivers 14:23:38.704 Service scanning 14:23:53.087 Modules scanning 14:23:53.103 Disk 0 trace - called modules: 14:23:53.134 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys 14:23:53.150 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800645f410] 14:23:53.165 3 CLASSPNP.SYS[fffff880019be43f] -> nt!IofCallDriver -> [0xfffffa8005fc17a0] 14:23:53.165 5 ACPI.sys[fffff88000f0d7a1] -> nt!IofCallDriver -> \Device\00000060[0xfffffa8005f47060] 14:23:54.351 AVAST engine scan C:\Windows 14:23:56.753 AVAST engine scan C:\Windows\system32 14:26:06.592 AVAST engine scan C:\Windows\system32\drivers 14:26:16.951 AVAST engine scan C:\Users\Becka 14:31:02.228 AVAST engine scan C:\ProgramData 14:32:47.200 Scan finished successfully 14:41:18.599 Disk 0 MBR has been saved successfully to "C:\Users\Becka\Desktop\MBR.dat" 14:41:18.599 The log file has been saved successfully to "C:\Users\Becka\Desktop\aswMBR.txt"

Hello, for the last four days or so I've been running MBAM quick scans. (I have MBAM Pro) And it keeps popping up with infected files one after the other. I'll scan, it'll have an infected object, then I'll remove it, scan an hour or so later and there will be another. I've probably had to get rid of twenty or so within the last four days. Does anyone know the problem or the solution to fix this? It's rather annoying. ): (Here's my DDS Log) DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2 Run by Becka at 10:52:18 on 2012-11-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4210 [GMT -8:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\System32\rundll32.exe C:\Windows\Explorer.EXE C:\Windows\System32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.searchnu.com/406 BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{CB99BCE6-F373-4F23-8A44-448AE2F507A3} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{CB99BCE6-F373-4F23-8A44-448AE2F507A3}\245636B616 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{CB99BCE6-F373-4F23-8A44-448AE2F507A3}\A45637573702943702C4F62746 : DHCPNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{CB99BCE6-F373-4F23-8A44-448AE2F507A3}\C496D656C496F6E6D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab x64-DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/ FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=418&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0408440598504450&o=APN10645&q= FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2012-11-14 22:46; {f34c9277-6577-4dff-b2d7-7d58092f272f}; C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} FF - ExtSQL: !HIDDEN! 2012-11-14 22:46; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension . ============= SERVICES / DRIVERS =============== . R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2011-9-9 12368] R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-5-8 262656] R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-5-8 132864] R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-5-8 21136] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-8-23 984144] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-8-23 370288] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-8-23 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-8-23 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-15 44808] R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-11-15 133912] R2 Greg_Service;GRegService;C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [2009-8-28 1150496] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-13 399432] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-13 676936] R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848] R2 Updater Service;Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2009-11-24 240160] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-6-18 25928] R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;C:\Windows\System32\drivers\WN111v2x.sys [2008-9-29 553472] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\System32\drivers\btblan.sys [2009-10-9 40320] S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136] S3 LVUVC64;Logitech Webcam C160(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-17 1255736] . =============== File Associations =============== . FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1 FileExt: .vbe: VBEFile=C:\Windows\SysWow64\WScript.exe "%1" %* FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %* FileExt: .js: JSFile=C:\Windows\SysWow64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-11-20 18:44:54 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{98BB7703-D886-40D3-8C7D-CE02BA15B6A2}\mpengine.dll 2012-11-17 23:30:20 -------- d-----w- C:\Users\Becka\AppData\Local\{971CEF98-0AE2-4802-B668-19A88A97FB31} 2012-11-17 21:08:48 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2012-11-15 23:17:25 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui 2012-11-15 23:17:24 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2012-11-15 23:17:24 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-15 23:17:24 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-15 23:10:59 754848 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2012-11-15 23:09:07 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-11-15 23:09:07 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-15 23:09:06 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll 2012-11-15 23:09:06 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2012-11-15 23:09:04 744448 ----a-w- C:\Windows\System32\WUDFx.dll 2012-11-15 23:09:04 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2012-11-15 23:09:04 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-11-15 23:07:43 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-11-15 23:07:43 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-11-15 23:07:42 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-11-15 23:07:42 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-11-15 23:07:42 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-11-15 23:07:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-11-15 23:07:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-11-15 23:07:42 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-11-15 23:07:42 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2012-11-15 16:56:00 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll 2012-11-15 16:56:00 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll 2012-11-15 16:56:00 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll 2012-11-15 16:56:00 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll 2012-11-15 15:32:07 -------- d-----w- C:\ProgramData\boost_interprocess 2012-11-15 06:46:34 -------- d-----w- C:\Program Files (x86)\Search Results Toolbar 2012-11-15 06:45:40 -------- d-----w- C:\Users\Becka\AppData\Local\iLivid 2012-11-13 00:24:57 -------- d-----w- C:\Users\Becka\AppData\Local\{AA3E3771-FEE0-4AF5-8B23-BF49E94AE33C} 2012-11-12 03:21:40 -------- d-----w- C:\Users\Becka\AppData\Local\{1F5F657C-3C9F-41C0-9424-BE2915B514F1} 2012-11-11 01:35:56 -------- d-----w- C:\Users\Becka\AppData\Local\{C34AA23B-12F7-4723-AEE4-368352342FDC} 2012-11-08 23:44:49 -------- d-----w- C:\Users\Becka\AppData\Local\{7EDD5EC3-593E-4130-B76C-058895A4DC83} 2012-11-08 00:05:38 -------- d-----w- C:\Users\Becka\AppData\Local\{BCD6057E-D299-44DC-88BE-F591A2558D5F} 2012-11-02 01:52:51 -------- d-----w- C:\Users\Becka\AppData\Local\{77403B00-B14C-483C-A446-A685860CF598} 2012-10-31 01:04:17 -------- d-----w- C:\Users\Becka\AppData\Local\{7F699C85-FDE1-44DB-9B27-D69E219E8628} 2012-10-29 20:09:46 -------- d-----w- C:\Users\Becka\AppData\Local\{589462BA-DF07-4622-82F5-80E349B2FF0C} 2012-10-27 02:51:54 -------- d-----w- C:\Users\Becka\AppData\Local\{6FDCB1B3-B130-4BAD-86F9-C5DC2C0008AE} 2012-10-22 02:24:59 -------- d-----w- C:\Users\Becka\AppData\Local\{B2A37577-BBCE-4DE3-82C1-2580357F78A9} . ==================== Find3M ==================== . 2012-11-15 23:51:31 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-11-15 23:51:31 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-10-30 23:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-10-30 23:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-10-30 23:51:55 262656 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys 2012-10-30 23:51:55 21136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys 2012-10-30 23:51:53 132864 ----a-w- C:\Windows\System32\drivers\aswFW.sys 2012-10-30 23:51:07 41224 ----a-w- C:\Windows\avastSS.scr 2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys 2012-10-15 16:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll 2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll 2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll 2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll 2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll 2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll 2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll 2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll 2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll 2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2012-09-30 02:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll 2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll 2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-09-07 17:44:45 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-09-07 17:44:45 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll 2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-08-23 14:13:11 243200 ----a-w- C:\Windows\System32\rdpudd.dll 2012-08-23 14:10:20 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2012-08-23 14:07:35 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2012-08-23 13:47:20 46592 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll 2012-08-23 13:46:20 16896 ----a-w- C:\Windows\SysWow64\wksprtPS.dll 2012-08-23 13:41:52 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2012-08-23 13:40:56 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 2012-08-23 13:24:57 15360 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll 2012-08-23 13:20:40 54272 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll 2012-08-23 13:18:14 37376 ----a-w- C:\Windows\SysWow64\tsgqec.dll 2012-08-23 13:17:54 18432 ----a-w- C:\Windows\System32\wksprtPS.dll 2012-08-23 13:06:58 43520 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll 2012-08-23 12:52:53 44032 ----a-w- C:\Windows\System32\tsgqec.dll 2012-08-23 11:20:06 62976 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2012-08-23 11:15:57 269312 ----a-w- C:\Windows\SysWow64\aaclient.dll 2012-08-23 11:14:09 384000 ----a-w- C:\Windows\System32\wksprt.exe 2012-08-23 11:12:17 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll 2012-08-23 10:54:24 322560 ----a-w- C:\Windows\System32\aaclient.dll 2012-08-23 10:51:14 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll 2012-08-23 10:39:24 1048064 ----a-w- C:\Windows\SysWow64\mstsc.exe 2012-08-23 10:22:22 1123840 ----a-w- C:\Windows\System32\mstsc.exe 2012-08-23 09:51:57 3174912 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-08-23 08:19:01 4916224 ----a-w- C:\Windows\SysWow64\mstscax.dll 2012-08-23 08:13:07 5773824 ----a-w- C:\Windows\System32\mstscax.dll . ============= FINISH: 10:52:37.47 =============== (Here's my ATTACH Log) UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/22/2010 11:16:14 PM System Uptime: 11/20/2012 10:39:27 AM (0 hours ago) . Motherboard: eMachines | | MCP61PM-GM Processor: AMD Athlon II X2 235e Processor | CPU 1 | 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 687 GiB total, 570.932 GiB free. D: is CDROM (CDFS) E: is Removable F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318} Description: Microsoft PS/2 Mouse Device ID: ACPI\PNP0F03\4&36DC3827&0 Manufacturer: Microsoft Name: Microsoft PS/2 Mouse PNP Device ID: ACPI\PNP0F03\4&36DC3827&0 Service: i8042prt . ==== System Restore Points =================== . RP372: 11/2/2012 12:22:56 PM - Windows Update RP373: 11/5/2012 10:41:32 PM - Windows Update RP374: 11/9/2012 8:42:07 AM - Windows Update RP375: 11/15/2012 8:52:24 AM - Windows Update RP376: 11/15/2012 3:07:47 PM - Windows Update RP377: 11/17/2012 1:07:51 PM - Installed Java 7 Update 9 RP378: 11/20/2012 10:44:05 AM - Windows Update . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.2 MUI Advertising Center Aion avast! Internet Security Coupon Printer for Windows Curse Client D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition eMachines Recovery Management eMachines Registration eMachines ScreenSaver eMachines Updater ESET Online Scanner v3 Furcadia Google Update Helper Identity Card ImagXpress Java 7 Update 9 Java Auto Updater Java 7 Update 2 (64-bit) Java SE Development Kit 7 Update 2 (64-bit) JavaFX 2.0.2 (64-bit) JavaFX 2.0.2 SDK (64-bit) JavaFX 2.1.1 Junk Mail filter update League of Legends LeapFrog Connect LeapFrog Leapster Explorer Plugin Malwarebytes Anti-Malware version 1.65.1.1000 Messenger Plus! 6 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 32-bit MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NCsoft Launcher Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Norton Online Backup NVIDIA Display Control Panel NVIDIA Drivers NVIDIA ForceWare Network Access Manager OpenOffice.org 3.3 Pando Media Booster PVSonyDll Realtek High Definition Audio Driver Search-Results Toolbar Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2553488) 64-Bit Edition Skype™ 5.10 The Sims 2 The Sims 2 Nightlife The Sims 2 Open For Business The Sims 2 University Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) Ventrilo Client Welcome Center Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live OneCare safety scanner Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR archiver World of Warcraft . ==== Event Viewer Messages From Past Week ======== . 11/13/2012 1:32:55 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa800553e060, 0xfffff80000b9c518, 0xfffffa800a7a2cb0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111312-14742-01. 11/13/2012 1:21:09 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. . ==== End Of File ===========================

Btw, can you tell me the way to uninstall OTL and tdsskiller? I don't see them in my uninstall pannel.

Is it really necessary to download so many programs to find the problem? :l Can you tell me what some of these report means and what we're doing exactly. Sorry, I just hate not really knowing, lol.

Extras.text notepad-- OTL Extras logfile created on: 1/16/2012 10:50:23 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Becka\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.75 Gb Total Physical Memory | 4.36 Gb Available Physical Memory | 75.79% Memory free 11.50 Gb Paging File | 9.98 Gb Available in Paging File | 86.79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 686.54 Gb Total Space | 566.18 Gb Free Space | 82.47% Space Free | Partition Type: NTFS Computer Name: BECKA-PC | User Name: Becka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .cmd [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .cpl [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .hta [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .html [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .inf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .ini [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .url [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .js [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .txt [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found .wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- Reg Error: Key error. batfile [open] -- Reg Error: Key error. batfile [print] -- Reg Error: Key error. chm.file [open] -- Reg Error: Key error. cmdfile [edit] -- Reg Error: Key error. cmdfile [open] -- Reg Error: Key error. cmdfile [print] -- Reg Error: Key error. comfile [open] -- Reg Error: Key error. cplfile [cplopen] -- Reg Error: Key error. exefile [open] -- Reg Error: Key error. helpfile [open] -- Reg Error: Key error. hlpfile [open] -- Reg Error: Key error. htafile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- Reg Error: Key error. http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. inffile [install] -- Reg Error: Key error. inffile [open] -- Reg Error: Key error. inffile [print] -- Reg Error: Key error. inifile [open] -- Reg Error: Key error. inifile [print] -- Reg Error: Key error. InternetShortcut [open] -- Reg Error: Key error. InternetShortcut [print] -- Reg Error: Key error. jsfile [edit] -- Reg Error: Key error. jsfile [open] -- Reg Error: Key error. jsfile [print] -- Reg Error: Key error. jsefile [edit] -- Reg Error: Key error. jsefile [open] -- Reg Error: Key error. jsefile [print] -- Reg Error: Key error. piffile [open] -- Reg Error: Key error. regfile [edit] -- Reg Error: Key error. regfile [open] -- Reg Error: Key error. regfile [merge] -- Reg Error: Key error. regfile [print] -- Reg Error: Key error. scrfile [config] -- Reg Error: Key error. scrfile [install] -- Reg Error: Key error. scrfile [open] -- Reg Error: Key error. txtfile [edit] -- Reg Error: Key error. txtfile [open] -- Reg Error: Key error. txtfile [print] -- Reg Error: Key error. txtfile [printto] -- Reg Error: Key error. vbefile [edit] -- Reg Error: Key error. vbefile [open] -- Reg Error: Key error. vbefile [print] -- Reg Error: Key error. vbsfile [edit] -- Reg Error: Key error. vbsfile [open] -- Reg Error: Key error. vbsfile [print] -- Reg Error: Key error. wsffile [edit] -- Reg Error: Key error. wsffile [open] -- Reg Error: Key error. wsffile [print] -- Reg Error: Key error. wshfile [open] -- Reg Error: Key error. Unknown [openas] -- Reg Error: Key error. Folder [open] -- Reg Error: Key error. Folder [explore] -- Reg Error: Key error. Drive [find] -- Reg Error: Key error. Applications\iexplore.exe [open] -- Reg Error: Key error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1111706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 (64-bit) "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2222706F-666A-4037-7777-202648764D10}" = JavaFX 2.0.2 SDK (64-bit) "{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java 7 Update 2 (64-bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java SE Development Kit 7 Update 2 (64-bit) "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR archiver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 10/23/2011 8:57:12 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/23/2011 8:57:12 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/23/2011 8:57:12 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/23/2011 9:52:02 AM | Computer Name = Becka-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 10/23/2011 9:52:02 AM | Computer Name = Becka-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. . Error - 10/24/2011 8:33:40 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error - 10/24/2011 8:36:38 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/24/2011 8:36:38 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/24/2011 8:36:38 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/24/2011 8:36:38 AM | Computer Name = Becka-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. [ System Events ] Error - 1/6/2012 6:24:18 PM | Computer Name = Becka-PC | Source = Application Popup | ID = 1060 Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 1/6/2012 6:24:18 PM | Computer Name = Becka-PC | Source = Application Popup | ID = 1060 Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 1/6/2012 6:26:50 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/6/2012 6:29:09 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/12/2012 7:10:35 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/12/2012 7:13:04 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/12/2012 7:36:40 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/12/2012 7:39:04 PM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/13/2012 3:11:17 AM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 1/13/2012 3:13:42 AM | Computer Name = Becka-PC | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. < End of report >

OTL.Txt Notepad-- OTL logfile created on: 1/16/2012 10:50:23 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Becka\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.75 Gb Total Physical Memory | 4.36 Gb Available Physical Memory | 75.79% Memory free 11.50 Gb Paging File | 9.98 Gb Available in Paging File | 86.79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 686.54 Gb Total Space | 566.18 Gb Free Space | 82.47% Space Free | Partition Type: NTFS Computer Name: BECKA-PC | User Name: Becka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Becka\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) PRC - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll () MOD - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll () MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () ========== Win32 Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (Updater Service) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe (Acer) SRV:64bit: - (ForceWare Intelligent Application Manager (IAM)) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (LeapFrog Connect Device Service) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (GameConsoleService) -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Greg_Service) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (LVUVC64) Logitech Webcam C160(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (LeapFrog-USBLAN) -- C:\Windows\SysNative\drivers\btblan.sys (Belcarra Technologies) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 C4 93 0B 2B D2 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/13 20:03:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/29 23:11:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/11 20:21:16 | 000,000,000 | ---D | M] [2010/07/14 20:26:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becka\AppData\Roaming\Mozilla\Extensions [2012/01/06 14:57:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\extensions [2012/01/06 14:57:25 | 000,000,000 | ---D | M] (M86Security Secure Browsing) -- C:\Users\Becka\AppData\Roaming\Mozilla\Firefox\Profiles\zl67rjc3.default\extensions\securebrowsing@m86security.com [2011/12/29 23:11:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/12/29 23:11:38 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/08/11 09:16:27 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011/03/18 10:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/03/18 10:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2011/05/25 20:27:38 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/11/08 22:52:25 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== O1 HOSTS File: ([2012/01/06 14:30:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.1) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{189A7EA4-E3E5-4BEB-805A-E0A751964664}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.) Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2012/01/16 22:40:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Becka\Desktop\OTL.exe [2012/01/15 11:25:19 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{EC4CFDAB-8946-479F-B12D-227C4977E74C} [2012/01/15 11:24:45 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{A0F06657-0C95-4AB3-9628-0AE762844A03} [2012/01/14 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{FF6AADB4-3AA7-4AA6-B9A1-C8AF6D11779E} [2012/01/14 17:03:54 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{D2AEB409-2CB0-4BE4-A557-11505BE4ADBA} [2012/01/14 13:31:49 | 001,972,528 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Becka\Desktop\tdsskiller.exe [2012/01/14 13:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012/01/14 13:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/01/12 23:36:54 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{4211D351-7B05-4A42-A515-7BE514666E3D} [2012/01/12 23:36:32 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{B160478C-19C0-413E-AC33-15E0B12FFA7C} [2012/01/12 23:08:08 | 000,000,000 | --SD | C] -- C:\ComboFix [2012/01/12 23:07:57 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2012/01/12 14:52:22 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{5B014FA1-2002-46EC-9C37-46FC08924420} [2012/01/11 23:06:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012/01/11 21:34:31 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{2C74EABB-1CCC-4FCE-9B07-D09A7D5E0D1A} [2012/01/11 21:34:08 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{BA5B627B-7ECF-4D78-BBA8-EE5AFC94F2D4} [2012/01/10 22:38:23 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{971BD31F-B2A8-48F0-BDE1-5830B5631C51} [2012/01/10 22:38:00 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{9E9F73D2-DA73-42B6-AD59-D22E216118BF} [2012/01/08 19:52:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/01/07 19:24:47 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{1FF808FC-4037-4265-9583-B73EE585BA6F} [2012/01/07 19:24:26 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{5FD5536B-DFD7-47F0-B423-63E822335139} [2012/01/06 15:00:24 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{07D22EEF-2E63-46D4-AE25-6353E3A79F3C} [2012/01/06 15:00:03 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F9C2AE62-014B-47AC-B89B-5D66B2D3F5CA} [2012/01/06 14:38:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/01/06 14:16:31 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{4029285F-C3D8-4F03-878A-3C8FD98CB23E} [2012/01/06 13:43:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/01/06 13:43:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/01/06 13:43:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/01/06 13:42:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/01/06 13:42:50 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/01/06 00:15:48 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{4A85EBC4-0C39-45D0-9BCE-4367DF145B2F} [2012/01/06 00:15:19 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{83FF8B5F-1264-4D29-AD88-F54CB0D63F4D} [2012/01/05 09:51:04 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{3FC0C969-9667-4261-A527-FB8306B58438} [2012/01/05 09:50:41 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{E204C87F-F658-4676-AFDE-E6E21BD84FC9} [2012/01/03 23:38:03 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{2BDC3E86-EE29-4AE7-8022-37754478E11E} [2012/01/03 23:37:42 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{8C8D58B7-3702-471E-9734-1C73050C0149} [2012/01/01 22:27:16 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{36B948A8-ABE6-44AD-9BC8-1E6FC369ED1C} [2012/01/01 22:26:53 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{B422F495-6055-45C1-97FC-E085188F9DA2} [2011/12/31 19:12:24 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{1CB1C6D3-1B3C-485E-BDB2-FC2122CE9B90} [2011/12/30 13:04:58 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{AC6349AA-128E-490A-8EA4-FC931128C492} [2011/12/30 13:04:36 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{B36E4390-41A0-4C95-880F-BAD95F08678B} [2011/12/29 19:50:42 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{6CBDC9B9-DA73-40A8-AACF-B3C8A078F119} [2011/12/29 19:50:21 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F0DF64CD-83E1-489B-B7D5-D820E338EAF1} [2011/12/27 14:20:13 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{CD5D7B81-372E-4F6E-B111-5AE9349D40BD} [2011/12/27 14:20:01 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{1DB8D61E-A01E-4C00-B7DB-4DA9E227D6F6} [2011/12/26 13:24:10 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{1FB67DBA-2BD8-4BB7-96E0-A26ECF7BA44A} [2011/12/26 13:23:47 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{0EC337C5-CE8A-4830-A6AD-A1ED7DD89380} [2011/12/25 00:05:36 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{2EB0BE58-95E4-4B96-83C4-BB9D092B362F} [2011/12/25 00:05:13 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{FB43293A-20BC-4B96-8D80-6A1F68467737} [2011/12/24 00:03:42 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{47D90422-8D4A-41C3-A80A-EBA2863B6E57} [2011/12/24 00:03:29 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{4EBF35B9-7193-4FE8-9D85-2CC860E36109} [2011/12/22 23:51:15 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{DA7D6BFA-F8C7-491B-B742-94B03A73C20F} [2011/12/22 23:51:04 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{E96C2ECA-9817-40C2-B586-0F7156AD774E} [2011/12/22 21:37:17 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2011/12/22 21:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect [2011/12/22 21:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Leapfrog [2011/12/22 21:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeapFrog [2011/12/22 11:42:46 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{0ADDCB36-F440-4630-B985-0EFBBCB1EF28} [2011/12/22 11:42:35 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F7D03F66-91D4-455D-A47D-9632117D3871} [2011/12/21 12:39:55 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F7DAE020-0DCB-4E68-A6AF-B3EEE358AB99} [2011/12/21 12:39:33 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{84BE0F0F-7972-4A0B-9A15-35D131F810BB} [2011/12/21 00:29:27 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{1CDA8ACB-C880-4970-82AA-9101E2461D39} [2011/12/21 00:29:14 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F6576F40-F000-4302-89FA-EEAE253ADCC6} [2011/12/20 12:28:48 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{2A489BD7-C909-4A24-B3B6-58D16D1B7E4F} [2011/12/20 12:28:37 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{AFC0EBC2-8B3A-4409-8198-A3D5562D2688} [2011/12/19 19:49:39 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{F2760940-0419-47C9-9271-DBDEE7BD2F81} [2011/12/19 19:49:19 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{B1EAC250-2552-4DC6-8889-53664536FEB7} [2011/12/18 21:08:30 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{C1C590E8-B6FD-49C9-BE5E-A3DA8AE2875D} [2011/12/18 21:08:07 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{16843E3D-4FD8-4426-9E7E-5B62659D45B8} [2011/12/18 00:02:41 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{C31C4A86-DBE8-4CFA-9B0C-A5B66B2CFEC0} [2011/12/18 00:02:30 | 000,000,000 | ---D | C] -- C:\Users\Becka\AppData\Local\{2BDB5455-90FE-4CEB-B3C1-3B72CC97A8F6} ========== Files - Modified Within 30 Days ========== [2012/01/16 22:43:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/01/16 22:40:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Becka\Desktop\OTL.exe [2012/01/16 12:43:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/01/16 08:06:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/16 08:06:24 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/16 08:04:09 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/01/16 08:04:09 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/01/16 08:04:09 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/01/16 07:59:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/16 07:59:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012/01/16 07:59:05 | 335,044,607 | -HS- | M] () -- C:\hiberfil.sys [2012/01/15 13:12:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/01/14 18:33:14 | 000,001,110 | ---- | M] () -- C:\Windows\WinInit.Ini [2012/01/14 13:31:49 | 001,972,528 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Becka\Desktop\tdsskiller.exe [2012/01/06 14:30:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/12/29 23:11:54 | 000,002,061 | ---- | M] () -- C:\Users\Becka\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ========== Files Created - No Company Name ========== [2012/01/12 23:08:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/01/06 13:43:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/01/06 13:43:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/01/06 13:43:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/01/06 13:43:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/11/22 23:52:12 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat [2011/08/19 08:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2011/08/19 08:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2011/08/19 08:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2010/07/14 20:26:04 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010/03/29 14:28:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/03/27 01:18:08 | 000,000,000 | ---- | C] () -- C:\Users\Becka\AppData\Roaming\wklnhst.dat [2010/03/26 22:15:55 | 000,001,110 | ---- | C] () -- C:\Windows\WinInit.Ini [2010/02/23 02:16:26 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011/08/11 09:16:27 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\Catalina Marketing Corp [2010/07/31 16:16:39 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\LolClient [2011/06/15 09:12:35 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\OpenOffice.org [2010/02/23 02:37:42 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\Opera [2010/03/27 01:18:09 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\Template [2010/03/29 19:29:43 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\WildTangent [2010/10/19 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Becka\AppData\Roaming\Windows Live Writer [2011/10/29 08:10:42 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/11/24 09:01:11 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012/01/16 07:59:05 | 335,044,607 | -HS- | M] () -- C:\hiberfil.sys [2006/12/01 23:37:14 | 000,904,704 | -H-- | M] (Microsoft Corporation) -- C:\msdia80.dll [2012/01/16 07:59:06 | 1878,384,639 | -HS- | M] () -- C:\pagefile.sys [2010/02/22 23:41:40 | 000,000,012 | -H-- | M] () -- C:\reachd.cz [2009/11/24 09:14:12 | 000,002,035 | ---- | M] () -- C:\RHDSetup.log [2012/01/14 13:34:13 | 000,074,468 | ---- | M] () -- C:\TDSSKiller.2.7.1.0_14.01.2012_13.32.48_log.txt < %systemroot%\Fonts\*.com > [2009/07/13 21:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/13 21:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/13 21:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/13 21:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2009/06/10 12:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > [2011/11/28 10:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011/05/13 14:42:24 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > [2009/07/13 20:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x > < %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x > [2011/07/01 09:58:09 | 000,000,221 | -HS- | M] () -- C:\Users\Becka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini < %USERPROFILE%\Desktop\*.exe > [2012/01/16 22:40:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Becka\Desktop\OTL.exe [2012/01/14 13:31:49 | 001,972,528 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Becka\Desktop\tdsskiller.exe < %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* > < %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x > < %PROGRAMFILES%\PC-Doctor\Downloads\*.* > < %PROGRAMFILES%\Internet Explorer\*.tmp > < %PROGRAMFILES%\Internet Explorer\*.dat > < %USERPROFILE%\My Documents\*.exe > < %USERPROFILE%\*.exe > < %systemroot%\ADDINS\*.* > [2009/06/10 13:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf < %systemroot%\assembly\*.bak2 > < %systemroot%\Config\*.* > < %systemroot%\REPAIR\*.bak2 > < %systemroot%\SECURITY\Database\*.sdb /x > < %systemroot%\SYSTEM\*.bak2 > < %systemroot%\Web\*.bak2 > < %systemroot%\Driver Cache\*.* > < %PROGRAMFILES%\Mozilla Firefox\0*.exe > < %ProgramFiles%\Microsoft Common\*.* > < %ProgramFiles%\TinyProxy. > < %USERPROFILE%\Favorites\*.url /x > [2011/10/26 19:31:05 | 000,000,402 | -HS- | M] () -- C:\Users\Becka\Favorites\desktop.ini < %systemroot%\system32\*.bk > < %systemroot%\*.te > < %systemroot%\system32\system32\*.* > < %ALLUSERSPROFILE%\*.dat /x > < %systemroot%\system32\drivers\*.rmv > < dir /b "%systemroot%\system32\*.exe" | find /i " " /c > < dir /b "%systemroot%\*.exe" | find /i " " /c > < %PROGRAMFILES%\Microsoft\*.* > < %systemroot%\System32\Wbem\proquota.exe > < %PROGRAMFILES%\Mozilla Firefox\*.dat > < %USERPROFILE%\Cookies\*.txt /x > < %SystemRoot%\system32\fonts\*.* > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report >

It didn't find any threat, but here's my log. 13:32:48.0914 5032 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05 13:32:49.0445 5032 ============================================================ 13:32:49.0445 5032 Current date / time: 2012/01/14 13:32:49.0445 13:32:49.0445 5032 SystemInfo: 13:32:49.0445 5032 13:32:49.0445 5032 OS Version: 6.1.7601 ServicePack: 1.0 13:32:49.0445 5032 Product type: Workstation 13:32:49.0445 5032 ComputerName: BECKA-PC 13:32:49.0445 5032 UserName: Becka 13:32:49.0445 5032 Windows directory: C:\Windows 13:32:49.0445 5032 System windows directory: C:\Windows 13:32:49.0445 5032 Running under WOW64 13:32:49.0445 5032 Processor architecture: Intel x64 13:32:49.0445 5032 Number of processors: 2 13:32:49.0445 5032 Page size: 0x1000 13:32:49.0445 5032 Boot type: Normal boot 13:32:49.0445 5032 ============================================================ 13:32:50.0303 5032 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000, SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040 13:32:50.0396 5032 Initialize success 13:33:25.0886 0572 ============================================================ 13:33:25.0886 0572 Scan started 13:33:25.0886 0572 Mode: Manual; SigCheck; TDLFS; 13:33:25.0886 0572 ============================================================ 13:33:26.0682 0572 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 13:33:26.0791 0572 1394ohci - ok 13:33:26.0838 0572 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 13:33:26.0854 0572 ACPI - ok 13:33:26.0869 0572 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 13:33:26.0947 0572 AcpiPmi - ok 13:33:26.0994 0572 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 13:33:27.0025 0572 adp94xx - ok 13:33:27.0056 0572 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 13:33:27.0072 0572 adpahci - ok 13:33:27.0212 0572 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 13:33:27.0244 0572 adpu320 - ok 13:33:27.0306 0572 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 13:33:27.0353 0572 AFD - ok 13:33:27.0384 0572 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 13:33:27.0400 0572 agp440 - ok 13:33:27.0431 0572 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 13:33:27.0446 0572 aliide - ok 13:33:27.0478 0572 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 13:33:27.0493 0572 amdide - ok 13:33:27.0524 0572 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 13:33:27.0540 0572 AmdK8 - ok 13:33:27.0587 0572 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 13:33:27.0618 0572 AmdPPM - ok 13:33:27.0634 0572 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 13:33:27.0649 0572 amdsata - ok 13:33:27.0696 0572 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 13:33:27.0712 0572 amdsbs - ok 13:33:27.0743 0572 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 13:33:27.0758 0572 amdxata - ok 13:33:27.0790 0572 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 13:33:27.0868 0572 AppID - ok 13:33:27.0899 0572 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 13:33:27.0914 0572 arc - ok 13:33:27.0930 0572 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 13:33:27.0946 0572 arcsas - ok 13:33:27.0992 0572 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys 13:33:28.0070 0572 aswFsBlk - ok 13:33:28.0102 0572 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys 13:33:28.0117 0572 aswMonFlt - ok 13:33:28.0117 0572 aswRdr (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys 13:33:28.0133 0572 aswRdr - ok 13:33:28.0164 0572 aswSnx (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys 13:33:28.0195 0572 aswSnx - ok 13:33:28.0211 0572 aswSP (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys 13:33:28.0226 0572 aswSP - ok 13:33:28.0242 0572 aswTdi (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys 13:33:28.0242 0572 aswTdi - ok 13:33:28.0258 0572 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 13:33:28.0320 0572 AsyncMac - ok 13:33:28.0351 0572 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 13:33:28.0367 0572 atapi - ok 13:33:28.0429 0572 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 13:33:28.0460 0572 b06bdrv - ok 13:33:28.0476 0572 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 13:33:28.0507 0572 b57nd60a - ok 13:33:28.0523 0572 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 13:33:28.0570 0572 Beep - ok 13:33:28.0601 0572 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 13:33:28.0632 0572 blbdrive - ok 13:33:28.0663 0572 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 13:33:28.0710 0572 bowser - ok 13:33:28.0726 0572 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:33:28.0757 0572 BrFiltLo - ok 13:33:28.0772 0572 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:33:28.0788 0572 BrFiltUp - ok 13:33:28.0819 0572 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 13:33:28.0866 0572 BridgeMP - ok 13:33:28.0897 0572 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 13:33:28.0913 0572 Brserid - ok 13:33:28.0928 0572 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 13:33:28.0960 0572 BrSerWdm - ok 13:33:28.0975 0572 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 13:33:28.0991 0572 BrUsbMdm - ok 13:33:29.0006 0572 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 13:33:29.0022 0572 BrUsbSer - ok 13:33:29.0053 0572 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 13:33:29.0084 0572 BTHMODEM - ok 13:33:29.0131 0572 catchme - ok 13:33:29.0162 0572 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 13:33:29.0225 0572 cdfs - ok 13:33:29.0272 0572 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 13:33:29.0287 0572 cdrom - ok 13:33:29.0318 0572 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 13:33:29.0334 0572 circlass - ok 13:33:29.0365 0572 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 13:33:29.0381 0572 CLFS - ok 13:33:29.0443 0572 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 13:33:29.0474 0572 CmBatt - ok 13:33:29.0506 0572 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 13:33:29.0521 0572 cmdide - ok 13:33:29.0552 0572 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 13:33:29.0584 0572 CNG - ok 13:33:29.0599 0572 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 13:33:29.0599 0572 Compbatt - ok 13:33:29.0646 0572 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 13:33:29.0693 0572 CompositeBus - ok 13:33:29.0724 0572 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 13:33:29.0740 0572 crcdisk - ok 13:33:29.0786 0572 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 13:33:29.0833 0572 DfsC - ok 13:33:29.0849 0572 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 13:33:29.0896 0572 discache - ok 13:33:29.0927 0572 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 13:33:29.0927 0572 Disk - ok 13:33:29.0958 0572 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 13:33:29.0974 0572 drmkaud - ok 13:33:30.0067 0572 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 13:33:30.0114 0572 DXGKrnl - ok 13:33:30.0208 0572 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 13:33:30.0317 0572 ebdrv - ok 13:33:30.0364 0572 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 13:33:30.0379 0572 elxstor - ok 13:33:30.0410 0572 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 13:33:30.0442 0572 ErrDev - ok 13:33:30.0473 0572 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 13:33:30.0520 0572 exfat - ok 13:33:30.0535 0572 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 13:33:30.0566 0572 fastfat - ok 13:33:30.0598 0572 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 13:33:30.0629 0572 fdc - ok 13:33:30.0644 0572 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 13:33:30.0644 0572 FileInfo - ok 13:33:30.0660 0572 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 13:33:30.0707 0572 Filetrace - ok 13:33:30.0722 0572 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 13:33:30.0738 0572 flpydisk - ok 13:33:30.0769 0572 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 13:33:30.0785 0572 FltMgr - ok 13:33:30.0800 0572 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 13:33:30.0816 0572 FsDepends - ok 13:33:30.0832 0572 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 13:33:30.0832 0572 Fs_Rec - ok 13:33:30.0878 0572 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 13:33:30.0894 0572 fvevol - ok 13:33:30.0910 0572 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 13:33:30.0925 0572 gagp30kx - ok 13:33:30.0988 0572 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 13:33:31.0003 0572 hcw85cir - ok 13:33:31.0050 0572 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 13:33:31.0097 0572 HdAudAddService - ok 13:33:31.0128 0572 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 13:33:31.0144 0572 HDAudBus - ok 13:33:31.0159 0572 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 13:33:31.0175 0572 HidBatt - ok 13:33:31.0190 0572 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 13:33:31.0206 0572 HidBth - ok 13:33:31.0237 0572 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 13:33:31.0268 0572 HidIr - ok 13:33:31.0284 0572 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 13:33:31.0300 0572 HidUsb - ok 13:33:31.0346 0572 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 13:33:31.0362 0572 HpSAMD - ok 13:33:31.0424 0572 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 13:33:31.0502 0572 HTTP - ok 13:33:31.0534 0572 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 13:33:31.0534 0572 hwpolicy - ok 13:33:31.0549 0572 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 13:33:31.0565 0572 i8042prt - ok 13:33:31.0596 0572 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 13:33:31.0612 0572 iaStorV - ok 13:33:31.0627 0572 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 13:33:31.0643 0572 iirsp - ok 13:33:31.0736 0572 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys 13:33:31.0830 0572 IntcAzAudAddService - ok 13:33:31.0846 0572 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 13:33:31.0846 0572 intelide - ok 13:33:31.0861 0572 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 13:33:31.0892 0572 intelppm - ok 13:33:31.0924 0572 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:33:31.0955 0572 IpFilterDriver - ok 13:33:31.0986 0572 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 13:33:32.0002 0572 IPMIDRV - ok 13:33:32.0017 0572 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 13:33:32.0064 0572 IPNAT - ok 13:33:32.0080 0572 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 13:33:32.0111 0572 IRENUM - ok 13:33:32.0126 0572 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 13:33:32.0126 0572 isapnp - ok 13:33:32.0158 0572 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 13:33:32.0173 0572 iScsiPrt - ok 13:33:32.0204 0572 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 13:33:32.0204 0572 kbdclass - ok 13:33:32.0251 0572 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 13:33:32.0298 0572 kbdhid - ok 13:33:32.0345 0572 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 13:33:32.0376 0572 KSecDD - ok 13:33:32.0392 0572 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 13:33:32.0407 0572 KSecPkg - ok 13:33:32.0423 0572 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 13:33:32.0485 0572 ksthunk - ok 13:33:32.0548 0572 LeapFrog-USBLAN (797289607a5ebf31353aa5ead141f872) C:\Windows\system32\DRIVERS\btblan.sys 13:33:32.0563 0572 LeapFrog-USBLAN - ok 13:33:32.0594 0572 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 13:33:32.0641 0572 lltdio - ok 13:33:32.0672 0572 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 13:33:32.0688 0572 LSI_FC - ok 13:33:32.0704 0572 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 13:33:32.0719 0572 LSI_SAS - ok 13:33:32.0735 0572 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:33:32.0750 0572 LSI_SAS2 - ok 13:33:32.0766 0572 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:33:32.0766 0572 LSI_SCSI - ok 13:33:32.0782 0572 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 13:33:32.0828 0572 luafv - ok 13:33:32.0875 0572 LVRS64 (ef2be2f45d4f06410a3bd2a3467325b0) C:\Windows\system32\DRIVERS\lvrs64.sys 13:33:32.0906 0572 LVRS64 - ok 13:33:33.0031 0572 LVUVC64 (ac22f92c6078640fe8a70d662a2f3ad5) C:\Windows\system32\DRIVERS\lvuvc64.sys 13:33:33.0187 0572 LVUVC64 - ok 13:33:33.0203 0572 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys 13:33:33.0218 0572 MBAMProtector - ok 13:33:33.0250 0572 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 13:33:33.0250 0572 megasas - ok 13:33:33.0281 0572 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 13:33:33.0296 0572 MegaSR - ok 13:33:33.0312 0572 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 13:33:33.0343 0572 Modem - ok 13:33:33.0359 0572 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 13:33:33.0390 0572 monitor - ok 13:33:33.0421 0572 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 13:33:33.0437 0572 mouclass - ok 13:33:33.0437 0572 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 13:33:33.0468 0572 mouhid - ok 13:33:33.0499 0572 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 13:33:33.0515 0572 mountmgr - ok 13:33:33.0546 0572 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 13:33:33.0562 0572 mpio - ok 13:33:33.0577 0572 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 13:33:33.0624 0572 mpsdrv - ok 13:33:33.0655 0572 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 13:33:33.0686 0572 MRxDAV - ok 13:33:33.0733 0572 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:33:33.0764 0572 mrxsmb - ok 13:33:33.0811 0572 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:33:33.0842 0572 mrxsmb10 - ok 13:33:33.0858 0572 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:33:33.0889 0572 mrxsmb20 - ok 13:33:33.0920 0572 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 13:33:33.0936 0572 msahci - ok 13:33:33.0952 0572 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 13:33:33.0967 0572 msdsm - ok 13:33:33.0983 0572 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 13:33:34.0014 0572 Msfs - ok 13:33:34.0030 0572 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 13:33:34.0076 0572 mshidkmdf - ok 13:33:34.0092 0572 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 13:33:34.0108 0572 msisadrv - ok 13:33:34.0139 0572 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 13:33:34.0217 0572 MSKSSRV - ok 13:33:34.0232 0572 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 13:33:34.0264 0572 MSPCLOCK - ok 13:33:34.0279 0572 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 13:33:34.0326 0572 MSPQM - ok 13:33:34.0373 0572 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 13:33:34.0388 0572 MsRPC - ok 13:33:34.0404 0572 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 13:33:34.0404 0572 mssmbios - ok 13:33:34.0420 0572 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 13:33:34.0451 0572 MSTEE - ok 13:33:34.0466 0572 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 13:33:34.0482 0572 MTConfig - ok 13:33:34.0513 0572 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 13:33:34.0513 0572 Mup - ok 13:33:34.0560 0572 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 13:33:34.0591 0572 NativeWifiP - ok 13:33:34.0622 0572 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 13:33:34.0654 0572 NDIS - ok 13:33:34.0669 0572 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 13:33:34.0700 0572 NdisCap - ok 13:33:34.0716 0572 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 13:33:34.0763 0572 NdisTapi - ok 13:33:34.0810 0572 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 13:33:34.0872 0572 Ndisuio - ok 13:33:34.0903 0572 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 13:33:34.0934 0572 NdisWan - ok 13:33:34.0966 0572 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 13:33:35.0044 0572 NDProxy - ok 13:33:35.0059 0572 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 13:33:35.0090 0572 NetBIOS - ok 13:33:35.0122 0572 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 13:33:35.0168 0572 NetBT - ok 13:33:35.0200 0572 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 13:33:35.0215 0572 nfrd960 - ok 13:33:35.0246 0572 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 13:33:35.0278 0572 Npfs - ok 13:33:35.0293 0572 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 13:33:35.0324 0572 nsiproxy - ok 13:33:35.0402 0572 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 13:33:35.0449 0572 Ntfs - ok 13:33:35.0465 0572 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 13:33:35.0512 0572 Null - ok 13:33:35.0527 0572 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 13:33:35.0558 0572 NVENETFD - ok 13:33:35.0855 0572 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:33:36.0182 0572 nvlddmkm - ok 13:33:36.0229 0572 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys 13:33:36.0245 0572 NVNET - ok 13:33:36.0276 0572 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 13:33:36.0292 0572 nvraid - ok 13:33:36.0307 0572 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 13:33:36.0323 0572 nvstor - ok 13:33:36.0338 0572 nvstor64 (7c7eef51979658ce15bbc04f96a77d56) C:\Windows\system32\DRIVERS\nvstor64.sys 13:33:36.0354 0572 nvstor64 - ok 13:33:36.0385 0572 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 13:33:36.0401 0572 nv_agp - ok 13:33:36.0416 0572 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 13:33:36.0448 0572 ohci1394 - ok 13:33:36.0479 0572 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 13:33:36.0494 0572 Parport - ok 13:33:36.0526 0572 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 13:33:36.0541 0572 partmgr - ok 13:33:36.0557 0572 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 13:33:36.0572 0572 pci - ok 13:33:36.0604 0572 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 13:33:36.0619 0572 pciide - ok 13:33:36.0635 0572 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 13:33:36.0650 0572 pcmcia - ok 13:33:36.0666 0572 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 13:33:36.0666 0572 pcw - ok 13:33:36.0697 0572 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 13:33:36.0744 0572 PEAUTH - ok 13:33:36.0791 0572 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 13:33:36.0838 0572 PptpMiniport - ok 13:33:36.0853 0572 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 13:33:36.0869 0572 Processor - ok 13:33:36.0916 0572 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 13:33:36.0994 0572 Psched - ok 13:33:37.0040 0572 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 13:33:37.0087 0572 ql2300 - ok 13:33:37.0118 0572 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 13:33:37.0118 0572 ql40xx - ok 13:33:37.0134 0572 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 13:33:37.0165 0572 QWAVEdrv - ok 13:33:37.0181 0572 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 13:33:37.0212 0572 RasAcd - ok 13:33:37.0228 0572 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 13:33:37.0259 0572 RasAgileVpn - ok 13:33:37.0384 0572 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:33:37.0446 0572 Rasl2tp - ok 13:33:37.0462 0572 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 13:33:37.0508 0572 RasPppoe - ok 13:33:37.0524 0572 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 13:33:37.0555 0572 RasSstp - ok 13:33:37.0602 0572 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 13:33:37.0633 0572 rdbss - ok 13:33:37.0649 0572 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 13:33:37.0680 0572 rdpbus - ok 13:33:37.0696 0572 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:33:37.0727 0572 RDPCDD - ok 13:33:37.0742 0572 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 13:33:37.0789 0572 RDPENCDD - ok 13:33:37.0805 0572 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 13:33:37.0836 0572 RDPREFMP - ok 13:33:37.0867 0572 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 13:33:37.0898 0572 RDPWD - ok 13:33:37.0930 0572 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 13:33:37.0976 0572 rdyboost - ok 13:33:38.0008 0572 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 13:33:38.0039 0572 rspndr - ok 13:33:38.0070 0572 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 13:33:38.0086 0572 sbp2port - ok 13:33:38.0132 0572 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 13:33:38.0242 0572 scfilter - ok 13:33:38.0273 0572 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 13:33:38.0366 0572 secdrv - ok 13:33:38.0460 0572 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 13:33:38.0507 0572 Serenum - ok 13:33:38.0554 0572 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 13:33:38.0569 0572 Serial - ok 13:33:38.0600 0572 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 13:33:38.0647 0572 sermouse - ok 13:33:38.0710 0572 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 13:33:38.0741 0572 sffdisk - ok 13:33:38.0756 0572 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 13:33:38.0772 0572 sffp_mmc - ok 13:33:38.0788 0572 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 13:33:38.0819 0572 sffp_sd - ok 13:33:38.0834 0572 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 13:33:38.0850 0572 sfloppy - ok 13:33:38.0866 0572 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:33:38.0881 0572 SiSRaid2 - ok 13:33:38.0897 0572 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 13:33:38.0912 0572 SiSRaid4 - ok 13:33:38.0959 0572 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 13:33:38.0990 0572 Smb - ok 13:33:39.0006 0572 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 13:33:39.0022 0572 spldr - ok 13:33:39.0053 0572 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 13:33:39.0100 0572 srv - ok 13:33:39.0115 0572 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 13:33:39.0131 0572 srv2 - ok 13:33:39.0162 0572 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 13:33:39.0178 0572 srvnet - ok 13:33:39.0209 0572 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 13:33:39.0209 0572 stexstor - ok 13:33:39.0224 0572 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 13:33:39.0240 0572 swenum - ok 13:33:39.0318 0572 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 13:33:39.0396 0572 Tcpip - ok 13:33:39.0427 0572 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 13:33:39.0458 0572 TCPIP6 - ok 13:33:39.0490 0572 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 13:33:39.0521 0572 tcpipreg - ok 13:33:39.0552 0572 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 13:33:39.0599 0572 TDPIPE - ok 13:33:39.0646 0572 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 13:33:39.0708 0572 TDTCP - ok 13:33:39.0739 0572 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 13:33:39.0770 0572 tdx - ok 13:33:39.0786 0572 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 13:33:39.0802 0572 TermDD - ok 13:33:39.0848 0572 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:33:39.0895 0572 tssecsrv - ok 13:33:39.0942 0572 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 13:33:39.0958 0572 TsUsbFlt - ok 13:33:40.0004 0572 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 13:33:40.0036 0572 tunnel - ok 13:33:40.0051 0572 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 13:33:40.0067 0572 uagp35 - ok 13:33:40.0098 0572 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 13:33:40.0129 0572 udfs - ok 13:33:40.0160 0572 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 13:33:40.0176 0572 uliagpkx - ok 13:33:40.0192 0572 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 13:33:40.0207 0572 umbus - ok 13:33:40.0223 0572 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 13:33:40.0238 0572 UmPass - ok 13:33:40.0285 0572 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 13:33:40.0301 0572 usbaudio - ok 13:33:40.0332 0572 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 13:33:40.0348 0572 usbccgp - ok 13:33:40.0379 0572 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 13:33:40.0394 0572 usbcir - ok 13:33:40.0426 0572 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 13:33:40.0441 0572 usbehci - ok 13:33:40.0488 0572 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 13:33:40.0504 0572 usbhub - ok 13:33:40.0535 0572 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 13:33:40.0550 0572 usbohci - ok 13:33:40.0582 0572 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 13:33:40.0597 0572 usbprint - ok 13:33:40.0644 0572 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 13:33:40.0660 0572 usbscan - ok 13:33:40.0675 0572 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:33:40.0691 0572 USBSTOR - ok 13:33:40.0722 0572 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 13:33:40.0738 0572 usbuhci - ok 13:33:40.0769 0572 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 13:33:40.0769 0572 vdrvroot - ok 13:33:40.0800 0572 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 13:33:40.0816 0572 vga - ok 13:33:40.0831 0572 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 13:33:40.0878 0572 VgaSave - ok 13:33:40.0894 0572 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 13:33:40.0909 0572 vhdmp - ok 13:33:40.0940 0572 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 13:33:40.0956 0572 viaide - ok 13:33:40.0972 0572 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 13:33:40.0987 0572 volmgr - ok 13:33:41.0018 0572 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 13:33:41.0034 0572 volmgrx - ok 13:33:41.0050 0572 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 13:33:41.0065 0572 volsnap - ok 13:33:41.0081 0572 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 13:33:41.0096 0572 vsmraid - ok 13:33:41.0112 0572 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 13:33:41.0143 0572 vwifibus - ok 13:33:41.0159 0572 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 13:33:41.0174 0572 WacomPen - ok 13:33:41.0237 0572 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:33:41.0299 0572 WANARP - ok 13:33:41.0315 0572 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 13:33:41.0346 0572 Wanarpv6 - ok 13:33:41.0377 0572 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 13:33:41.0377 0572 Wd - ok 13:33:41.0408 0572 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 13:33:41.0424 0572 Wdf01000 - ok 13:33:41.0471 0572 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 13:33:41.0502 0572 WfpLwf - ok 13:33:41.0518 0572 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 13:33:41.0533 0572 WIMMount - ok 13:33:41.0580 0572 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 13:33:41.0611 0572 WinUsb - ok 13:33:41.0627 0572 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 13:33:41.0642 0572 WmiAcpi - ok 13:33:41.0674 0572 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 13:33:41.0705 0572 ws2ifsl - ok 13:33:41.0752 0572 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 13:33:41.0814 0572 WudfPf - ok 13:33:41.0830 0572 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:33:41.0876 0572 WUDFRd - ok 13:33:41.0892 0572 MBR (0x1B8) (70e629b51c16b3c007730c6ae57144c9) \Device\Harddisk0\DR0 13:33:44.0232 0572 \Device\Harddisk0\DR0 - ok 13:33:44.0248 0572 Boot (0x1200) (b45e6e22543aba2acf145d08585d4c02) \Device\Harddisk0\DR0\Partition0 13:33:44.0263 0572 \Device\Harddisk0\DR0\Partition0 - ok 13:33:44.0263 0572 Boot (0x1200) (2b2826e7b36cbbc806fa62fd71dd53a2) \Device\Harddisk0\DR0\Partition1 13:33:44.0263 0572 \Device\Harddisk0\DR0\Partition1 - ok 13:33:44.0263 0572 ============================================================ 13:33:44.0263 0572 Scan finished 13:33:44.0263 0572 ============================================================ 13:33:44.0279 4300 Detected object count: 0 13:33:44.0279 4300 Actual detected object count: 0 13:34:13.0654 1368 Deinitialize success

It brought me to this website, I'm just not sure which one to dl. I'm also using firefox if that helps as well, lol. http://www.oracle.com/technetwork/java/javase/downloads/index.html

I'm not quite sure which (JRE) to download, there's a couple options there. I'm running windows 7 if that helps. :l

This is so frusterating, everytime I use combofix it doesn't give me a log, at the end it should be saying, "Preparing log, please wait" or w/e, but it doesn't, it just scans the stages and at the end it restarts my comp, and doesn't ever give me a log. ): Then I scanned with avast again last night and got two more infected files. ): Oh, and as I'm checking now it seems to be that the threat was in combofix maybe? Here's a screenshot of the avast chest logs. http://tinypic.com/r/10xdcp2/5 Am I ever gonna get this fixed? ): It's not looking hopeful at the moment..

Do you happen to know what exactly solved your problem? Cause I've been having constant incoming and outgoing blocks as well, it's driving me insane!

Weird. I'll try again later.

It was, it went to like stage 50 or somethin. Lol. I just couldn't find the log afterwards.

Yeah, I may take a break. For some reason after It's done scanning it just automatically restarts my computer and doesn't show me a log or anything.

I went to my computer, Combofix folder, and the only text document I found was, "Combofix" that, and it says this, which doesn't seem like the right one to me. Sorry. >.< ComboFix 12-01-12.04 - Becka 01/12/2012 15:08:21.3.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5887.4141 [GMT -8:00] Running from: C:\Users\Becka\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Bleh, I ran it but now I can't find my darn log. Sorry, I'm tired and have lots of things going so I'm kind of out of it. ;P Any easier way of retrieving it?

Should I still continue scanning with combofix?

I just went to install combofix and as I was doing that, avast popped up with this. http://tinypic.com/r/23hna8j/5

Do you want me to uninstall drweb? What's the command for that?